logo

Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities

SecurityVulnerabilityCVE
CSA and Connect Secure Vulnerabilities

Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code execution.

The list of vulnerabilities is as follows -

  • CVE-2024-11639 (CVSS score: 10.0) - An authentication bypass vulnerability in the admin web console of Ivanti CSA before 5.0.3 that allows a remote unauthenticated attacker to gain administrative access
  • CVE-2024-11772 (CVSS score: 9.1) - A command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.3 that allows a remote authenticated attacker with admin privileges to achieve remote code execution
  • CVE-2024-11773 (CVSS score: 9.1) - An SQL injection vulnerability in the admin web console of Ivanti CSA before version 5.0.3 that allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements
  • CVE-2024-11633 (CVSS score: 9.1) - An argument injection vulnerability in Ivanti Connect Secure before version 22.7R2.4 that allows a remote authenticated attacker with admin privileges to achieve remote code execution
  • CVE-2024-11634 (CVSS score: 9.1) - A command injection vulnerability in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 that allows a remote authenticated attacker with admin privileges to achieve remote code execution
  • CVE-2024-8540 (CVSS score: 8.8) - An insecure permissions vulnerability in Ivanti Sentry before versions 9.20.2 and 10.0.2 or 10.1.0 that allows a local authenticated attacker to modify sensitive application components

The shortcomings have been addressed in the below versions -

  • Ivanti Cloud Services Application 5.0.3
  • Ivanti Connect Secure 22.7R2.4
  • Ivanti Policy Secure 22.7R1.2
  • Ivanti Sentry 9.20.2, 10.0.2, and 10.1.0

While Ivanti has emphasized that it's not aware of active exploitation of any of the aforementioned flaws, it's imperative that users take quick action given that several flaws in its products have been abused by state-sponsored attackers for malicious activities.

Wyden proposes bill to secure US telecoms after Salt Typhoon hacks

U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls

Free online web security scanner

Top News:

New NailaoLocker ransomware used against EU healthcare orgs

New NailaoLocker ransomware used against EU healthcare orgs

 February 20, 2025
Black Basta ransomware gang's internal chat logs leak online

Black Basta ransomware gang's internal chat logs leak online

 February 21, 2025
Windows Server 2025 released—here are the new features

Windows Server 2025 released—here are the new features

 November 5, 2024
Chinese hackers abuse Microsoft APP-v tool to evade antivirus

Chinese hackers abuse Microsoft APP-v tool to evade antivirus

 February 19, 2025
SpyLend Android malware downloaded 100,000 times from Google Play

SpyLend Android malware downloaded 100,000 times from Google Play

 February 22, 2025
Sniffnet: Free, open-source network monitoring

Sniffnet: Free, open-source network monitoring

 June 6, 2024